[ARIN-consult] [ARIN-Consult] Consultation on Expanding 2FA Options for ARIN Online

Chris Woodfield chris at semihuman.com
Tue Jan 24 15:48:41 EST 2023



> On Jan 24, 2023, at 12:36 PM, Adam Thompson <athompso at athompso.net> wrote:
> 
> 
> Which is more important: keeping bad actors out, or letting authorized users in?
> 
> All I'm hearing during this discussion is protecting accounts against hypothetical compromise (with IIRC no evidence this has ever happened, or any negative outcome has occurred previously) with no consideration of people who have unusual needs.
> 
> (Some of those needs, definitely not all, are referred to in American law as "disabilities", btw.  I hope someone at ARIN has thought about how the proposed 2FA scheme complies with the ADA?)
> 
> -Adam 
> 

Hence my recommendation that if a limit is set, it should not be a hard limit, and allow for the limit to be raised upon request (presumably after a manual authentication of the request by ARIN staff). 

-C

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-consult/attachments/20230124/f524c666/attachment.htm>


More information about the ARIN-consult mailing list